by whatshisface
2424 days ago
Do you think that if they had just put the tracker in nobody would have noticed? I think it would go silent for a month, and then become the subject of a top-of-HN blog post about how some enterprise security guy discovered it. GitLab would write a blog post about how sorry they were, nobody would believe them, and there would be no way to undo the breach of trust. By allowing everyone on HN to yell at them not to implement the change before doing it, they have made themselves able to avoid the catastrophe by cancelling the plan. Although the best thing GitLab could have done for their public image as a trustworthy service provider would be to never have even let on that they would consider such a thing, this is the next best option, because whoever wanted to do this now has lost some internal political credibility.